<?php
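	// Resume the session so the login state kept in $_SESSION is available.
	session_start();
	// empty() gives the same truthiness result as the original test, but does
	// not raise an undefined-index notice when the key is missing.
	if (empty($_SESSION["username"])) {
		//not logged in
		// header() only queues the redirect. Without exit the rest of the
		// script (database queries, the mark and review updates, the page
		// itself) would still run for a request that has no login.
		header("location:login.php");
		exit;
	}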

	// Connect to the server, then select the database. Either failure stops
	// the script with the same short message as before.
	// NOTE(review): the connection is made as the MySQL "root" account with an
	// empty password, hard-coded here. A dedicated account limited to this
	// database, with its credentials kept outside the web root, would narrow
	// what a flaw in this page can reach.
	// NOTE(review): ext/mysql was removed in PHP 7.0; mysqli or PDO is the
	// replacement.
	if (!mysql_connect("localhost", "root", "")) {
		die("cannot connect");
	}
	if (!mysql_select_db("Project 5.5")) {
		die("cannot select DB");
	}
	
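	// The page always shows one student's results, so a request without a
	// usable userid goes back to the index. A non-string value (for example
	// userid[]=...) is rejected as well, because the code below concatenates
	// the parameter into SQL and HTML as a string.
	if (!isset($_GET['userid']) || !is_string($_GET['userid'])) {
		header("location:index.php");
		// Stop here: header() alone does not end the request.
		exit;
	}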
	
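	//redirect if not tutor and not your results
	// Looks up the User_ID of the logged-in user and keeps it in $id, which the
	// review code further down uses as the tutor id.
	// The session username is escaped before it goes into the query: this file
	// does not show how that value was stored, so it is not assumed to be safe.
	// NOTE(review): ext/mysql was removed in PHP 7.0; mysqli or PDO prepared
	// statements would replace the manual escaping.
	$sessionUsername = isset($_SESSION["username"]) ? (string) $_SESSION["username"] : '';
	$sql = 'SELECT User_ID FROM users WHERE Username="' . mysql_real_escape_string($sessionUsername) . '"';
	$userLookup = mysql_query($sql);
	// A failed query or an unknown username leaves $result false and $id null.
	$result = $userLookup ? mysql_fetch_row($userLookup) : false;
	// Has an effect only when this script is included from inside a function.
	global $id;
	$id = $result ? $result[0] : null;

	$requestedUserid = (isset($_GET['userid']) && is_string($_GET['userid'])) ? $_GET['userid'] : null;
	$viewerIsTutor = isset($_SESSION["role"]) && $_SESSION["role"] === 'TUT';
	// Exact string match: the loose != used before also accepted values such as
	// "05" or " 5" for user 5, and those spellings then reached the later queries.
	$viewerIsOwner = $id !== null && $requestedUserid !== null && (string) $id === $requestedUserid;
	if (!$viewerIsOwner && !$viewerIsTutor) {
		header("location:index.php");
		// Without exit the page would still be rendered, and any posted update
		// processed, for a user who failed this check.
		exit;
	}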
	
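	/**
	 * Prints the status banner selected by the "message" query parameter.
	 *
	 * "updated" and "submitted" each print a banner that links back to
	 * results.php for the current userid; any other value prints nothing.
	 * The userid is taken from the query string, so it is URL-encoded and
	 * HTML-escaped before being written into the href attribute.
	 */
	function message(){
		if (!isset($_GET['message']) || !is_string($_GET['message'])) {
			return;
		}
		$labels = array(
			"updated" => 'Student Marks Updated',
			"submitted" => 'Student Review Submitted',
		);
		if (!isset($labels[$_GET['message']])) {
			return;
		}
		$userid = (isset($_GET['userid']) && is_string($_GET['userid'])) ? $_GET['userid'] : '';
		$link = 'results.php?userid=' . htmlspecialchars(urlencode($userid), ENT_QUOTES);
		echo '<div id="error" style="display:block;background:#9F9;color:#777;"><a href="' . $link . '">' . $labels[$_GET['message']] . '</a></div>';
	}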
	
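	/**
	 * Prints the assessment table for the student selected by $_GET['userid'].
	 *
	 * One row per record of the assessment table: name, due date, date
	 * submitted (or "Late" when nothing was received and the due date has
	 * passed), weighting and mark. When $_SESSION["role"] is 'TUT' the table is
	 * wrapped in a form that posts back to results.php, and the mark of each
	 * past-due assessment is shown as an editable text field.
	 *
	 * Request values and database values are escaped before they are placed
	 * in SQL or HTML. Each row now opens with <tr>; the original printed only
	 * the closing tag.
	 * NOTE(review): the form carries no anti-CSRF token. Adding one also needs
	 * a matching check where the submit1 post is processed.
	 */
	function resultsList() {
		// The page declares iso-8859-1 in its Content-Type meta tag.
		$charset = 'ISO-8859-1';
		$userid = (isset($_GET['userid']) && is_string($_GET['userid'])) ? $_GET['userid'] : '';
		$isTutor = isset($_SESSION["role"]) && $_SESSION["role"] === 'TUT';
		$cellOpen = '<td style="padding:5;font-size:15pt;">';
		$today = getdate();

		$sql = 'SELECT Assessment_ID, Assessment_Name, Due_Date, Weighting FROM assessment';
		$result = mysql_query($sql);

		if ($isTutor) {
			// NOTE(review): validateForm() is passed 'addstudentform' while this
			// form is named 'editresultsform'. Left unchanged because the
			// validator is not defined in this file - confirm which is intended.
			echo '<form  method="post" action="results.php?userid=' . htmlspecialchars(urlencode($userid), ENT_QUOTES, $charset) . '&amp;message=updated" name="editresultsform" onSubmit="return validateForm(\'addstudentform\');" style="padding-left:100px">';
		}
		echo '<table align="center" border="1" cellspacing="0" width="500">';
		echo '<tr style="background:#BBB;"><td>Assessment</td><td>Due Date</td><td>Date Submitted</td><td>Weighting</td><td>Result</td></tr>';

		// $result is false when the query failed; print the empty table then.
		while ($result && ($row = mysql_fetch_row($result))) {
			$sql2 = 'SELECT Date_Recieved, Mark FROM results WHERE Assessment_ID="' . mysql_real_escape_string((string) $row[0]) . '" AND Student_ID="' . mysql_real_escape_string($userid) . '"';
			$lookup = mysql_query($sql2);
			$found = $lookup ? mysql_fetch_row($lookup) : false;
			$received = $found ? (string) $found[0] : '';
			$mark = $found ? (string) $found[1] : '';

			// Due_Date is split as day/month/year. Missing parts are padded with
			// null, which compares the same way the undefined offsets did.
			$due = array_pad(explode("/", (string) $row[2]), 3, null);
			$pastDue = ($today['year'] > $due[2])
				|| ($today['year'] == $due[2] && $today['mon'] > $due[1])
				|| ($today['year'] == $due[2] && $today['mon'] == $due[1] && $today['mday'] > $due[0]);

			echo '<tr>';
			echo $cellOpen . htmlspecialchars((string) $row[1], ENT_QUOTES, $charset) . '</td>';
			echo $cellOpen . htmlspecialchars((string) $row[2], ENT_QUOTES, $charset) . '</td>';

			echo $cellOpen;
			if ($received != "") {
				echo htmlspecialchars($received, ENT_QUOTES, $charset);
			} elseif ($pastDue) {
				echo "<span style='color:#A00;'>Late</span>";
			}
			echo '</td>';
			echo $cellOpen . htmlspecialchars((string) $row[3], ENT_QUOTES, $charset) . '</td>';

			if ($isTutor) {
				echo $cellOpen;
				// Marks can be edited only once the assessment is past due.
				if ($pastDue) {
					echo '<input type="text" style="width:30px" name="' . htmlspecialchars((string) $row[0], ENT_QUOTES, $charset) . '" value="' . htmlspecialchars($mark, ENT_QUOTES, $charset) . '"/>';
				}
				echo '</td>';
			} else {
				echo $cellOpen . htmlspecialchars($mark, ENT_QUOTES, $charset) . '</td>';
			}

			echo '</tr>';
		}

		if ($isTutor) {
			echo '<tr><td></td><td></td><td></td><td></td><td><input type="submit" name="submit1" value="" class="updateBtn"/></td></tr></table></form>';
		} else {
			echo '</table>';
		}
	}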
	
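	//update marks for student
	// Handles the post from the mark-editing form (submit1 together with
	// message=updated in the query string).
	// The form is only printed for tutors, so the update is now tied to the
	// same role check. Before, any request that reached this point could
	// change marks for the userid named in the query string.
	// NOTE(review): there is no anti-CSRF token on this request. Adding one
	// needs a matching hidden field in the form that resultsList() prints.
	// NOTE(review): ext/mysql was removed in PHP 7.0; mysqli or PDO prepared
	// statements would replace the manual escaping below.
	$marksPosted = isset($_POST['submit1']) && isset($_GET['message']) && $_GET['message'] == "updated";
	$markEditorIsTutor = isset($_SESSION["role"]) && $_SESSION["role"] === 'TUT';
	$markStudentId = (isset($_GET['userid']) && is_string($_GET['userid'])) ? $_GET['userid'] : null;
	if ($marksPosted && $markEditorIsTutor && $markStudentId !== null) {
		$sql = 'SELECT Assessment_ID FROM assessment';
		$result = mysql_query($sql);
		// One posted field per assessment, named after its Assessment_ID.
		while ($result && ($row = mysql_fetch_row($result))) {
			if (isset($_POST[$row[0]]) && is_string($_POST[$row[0]])) {
				$sql2 = 'UPDATE results SET Mark="' . mysql_real_escape_string($_POST[$row[0]])
					. '" WHERE Assessment_ID="' . mysql_real_escape_string((string) $row[0])
					. '" AND Student_ID="' . mysql_real_escape_string($markStudentId) . '"';
				$result2 = mysql_query($sql2);
			}
		}
	}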
	
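	//update/insert student review
	// Handles the post from the student review form (submit2). The review is
	// stored per student/tutor pair: updated when a row already exists,
	// inserted otherwise. $id is the logged-in user's User_ID, set earlier in
	// this script.
	// The form is only printed for tutors, so the write is now tied to the same
	// role check. Before, any request that reached this point could store a review.
	// NOTE(review): there is no anti-CSRF token on this request. Adding one
	// needs a matching hidden field in the review form.
	// NOTE(review): ext/mysql was removed in PHP 7.0; mysqli or PDO prepared
	// statements would replace the manual escaping below.
	$reviewPosted = isset($_POST['submit2']) && isset($_POST['review']) && is_string($_POST['review']);
	$reviewerIsTutor = isset($_SESSION["role"]) && $_SESSION["role"] === 'TUT';
	$reviewStudentId = (isset($_GET['userid']) && is_string($_GET['userid'])) ? $_GET['userid'] : null;
	if ($reviewPosted && $reviewerIsTutor && $reviewStudentId !== null && isset($id)) {
		$studentSql = mysql_real_escape_string($reviewStudentId);
		$tutorSql = mysql_real_escape_string((string) $id);
		$reviewSql = mysql_real_escape_string($_POST['review']);

		// Ask the database for this one pair instead of reading the whole table.
		$result = mysql_query('SELECT 1 FROM studentreviews WHERE Student_ID="' . $studentSql . '" AND Tutor_ID="' . $tutorSql . '" LIMIT 1');
		$existing = ($result && mysql_fetch_row($result)) ? true : false;

		if ($existing) {
			$sql = 'UPDATE studentreviews SET Review="' . $reviewSql . '" WHERE Student_ID="' . $studentSql . '" AND Tutor_ID="' . $tutorSql . '"';
		} else {
			$sql = 'INSERT INTO studentreviews (Student_ID, Tutor_ID, Review) VALUES ("' . $studentSql . '","' . $tutorSql . '","' . $reviewSql . '")';
		}
		$result = mysql_query($sql);
	}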
	
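	/**
	 * Prints a summary of the standing of the student in $_GET['userid'].
	 *
	 * Adds up the weighting of every assessment whose due date (day/month/year)
	 * has passed, sums the student's recorded marks, and prints how many marks
	 * are still needed out of the remaining weighting. The thresholds used are
	 * 50 to pass, 85 for a grade of 7, 75 for a 6 and 65 for a 5, out of a
	 * total of 100.
	 *
	 * The userid and the assessment id are escaped before they are placed in
	 * the per-assessment query.
	 */
	function overallResult() {
		$userid = (isset($_GET['userid']) && is_string($_GET['userid'])) ? $_GET['userid'] : '';
		$today = getdate();

		$markssofar = 0;
		$marksremaining = 100;
		$current = 0;

		$sql = "SELECT Assessment_ID, Weighting, Due_Date FROM assessment";
		$result = mysql_query($sql);

		//calculate marks from assignments that are past due
		// $result is false when the query failed; the totals then stay at zero.
		while ($result && ($row = mysql_fetch_row($result))) {
			// Missing date parts are padded with null, which compares the same
			// way the undefined offsets did.
			$due = array_pad(explode("/", (string) $row[2]), 3, null);
			$pastDue = ($today['year'] > $due[2])
				|| ($today['year'] == $due[2] && $today['mon'] > $due[1])
				|| ($today['year'] == $due[2] && $today['mon'] == $due[1] && $today['mday'] > $due[0]);

			if ($pastDue) {
				$markssofar += $row[1];
				$marksremaining -= $row[1];
			}

			$sql2 = 'SELECT Mark FROM results WHERE Student_ID="' . mysql_real_escape_string($userid) . '" AND Assessment_ID="' . mysql_real_escape_string((string) $row[0]) . '"';
			$lookup = mysql_query($sql2);
			$found = $lookup ? mysql_fetch_row($lookup) : false;

			// Same loose test as before: a NULL or empty mark is not counted.
			if ($found && $found[0] != null) {
				$current += $found[0];
			}
		}

		$overallNeeded = 50 - $current;
		$sevenNeeded = 85 - $current;

		echo "Your current standing is ".$current."/".$markssofar." marks.<br/>";
		if ($overallNeeded > $marksremaining) {
			echo "There are not enough marks left for you to pass this unit.";
			return;
		}

		if ($overallNeeded <= 0) {
			echo "Congratulations, you have passed this unit.<br/>";
		} else {
			echo "You need to get ".$overallNeeded." out of the remaining ".$marksremaining." marks to pass.<br/>";
		}

		if ($sevenNeeded <= $marksremaining) {
			echo "You need to get ".$sevenNeeded." out of ".$marksremaining." marks to get a grade of 7.<br/>";
		} elseif ((75 - $current) <= $marksremaining) {
			echo "The highest grade you can still get is a 6.<br/>";
		} elseif ((65 - $current) <= $marksremaining) {
			echo "The highest grade you can still get is a 5.<br/>";
		}
	}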
	
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title>Student Results</title>	
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
	<link href="css/main.css" rel="stylesheet" type="text/css" />
	<script type="text/javascript" src="js/formsValidate.js"/></script>
</head>
<body>

	<div id="topbar">
		<div id="qut_logo" />  
		<img src="../img/strapline.png" alt="Slogan" id="slogan"/>
	</div>
	
	<div id="menubar">
		<div id="breadcrumbs">
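			<?php
				// Breadcrumb trail. The userid comes straight from the query string, so
				// it is URL-encoded and HTML-escaped before being written into the
				// single-quoted href below.
				$breadcrumbUserid = (isset($_GET["userid"]) && is_string($_GET["userid"])) ? $_GET["userid"] : '';
			?>
			<a href="index.php">Home</a> \ <?php if(isset($_SESSION["role"]) && $_SESSION["role"]==='TUT'){echo "<a href='management.php'>Management</a> \ <a href='managestudents.php'>Students</a> \ ";} ?><a href='results.php?userid=<?php echo htmlspecialchars(urlencode($breadcrumbUserid), ENT_QUOTES); ?>'>Results</a>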
		</div>
		<div id="logout"> 
			<a href="login.php?destroy=true">Log Out</a>
		</div>
	</div>
	
	<div id="error">
	</div>
	<?php
		// Status banner: message() prints one only when the "message" query
		// parameter is "updated" or "submitted".
		message();
	?>
	<div id="namebar_results" ></div>
	
	<div id="body">
		<br/>
		<table id="form4" align="center" width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">
			<tr>
				<td width="59%" style="padding:15px;vertical-align:top;">
					<div style="font-size:14pt; font-weight:bold; text-decoration:none; padding-bottom:15px; background-color:#FFF; text-align:center">
						<div style="background-color: #CCC;font-size:25pt;font-weight:bold;">
							Assessment Results
						</div>
						<p>
							<?php
								// Assessment table for the student in $_GET['userid']; for
								// the 'TUT' role it is printed inside the mark-editing form.
								resultsList();
							?>
						</p>
					</div>				
				</td>
				<td width="59%" style="padding:15px;vertical-align:top;">
					<div style="font-size:14pt; font-weight:bold; text-decoration:none; padding-bottom:15px; background-color:#FFF; text-align:center">
						<div style="background-color: #CCC;font-size:25pt;font-weight:bold;">
							Overall Result
						</div>
						<p>
							<?php
								// Summary of current marks and what is still needed to pass
								// or reach a higher grade.
								overallResult();
							?>
						</p>
					</div>
					<br/>
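					<?php
						//show student review section only if tutor
						// Loads the review this tutor ($id) has stored for the student in
						// $_GET['userid'] and prints it in an editable form.
						// The ids are escaped before they go into the query. The stored
						// review and the userid are escaped before they are written into
						// the page: unescaped review text containing markup would be
						// parsed as part of the page rather than shown in the textarea.
						// NOTE(review): the form carries no anti-CSRF token. Adding one
						// needs a matching check where the submit2 post is processed.
						if (isset($_SESSION["role"]) && $_SESSION["role"]==='TUT'){
							// The page declares iso-8859-1 in its Content-Type meta tag.
							$reviewCharset='ISO-8859-1';
							$reviewStudent=(isset($_GET['userid']) && is_string($_GET['userid'])) ? $_GET['userid'] : '';
							$reviewTutor=isset($id) ? (string) $id : '';

							$review='';
							$sql='SELECT Review FROM studentreviews WHERE Student_ID="'.mysql_real_escape_string($reviewStudent).'" AND Tutor_ID="'.mysql_real_escape_string($reviewTutor).'"';
							$reviewLookup=mysql_query($sql);
							// No row (or a failed query) leaves the textarea empty.
							$result=$reviewLookup ? mysql_fetch_row($reviewLookup) : false;
							if ($result) {
								$review=(string) $result[0];
							}

							echo '<div style="font-size:14pt; font-weight:bold; text-decoration:none; padding-bottom:15px; background-color:#FFF; text-align:center">';
							echo '<div style="background-color: #CCC;font-size:25pt;font-weight:bold;">Student Review</div>';
							echo '<form  method="post" action="results.php?userid='.htmlspecialchars(urlencode($reviewStudent), ENT_QUOTES, $reviewCharset).'&amp;message=submitted" name="studentreviewform">';
							echo '<br/><textarea style="height:100px;width:320px;" name="review">'.htmlspecialchars($review, ENT_QUOTES, $reviewCharset).'</textarea><br/><br/>';
							echo '<input type="submit" name="submit2" class="subBtn" value="" />';
							echo '</form></div>';
						}
					?>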
				</td>
			</tr>
		</table>
	</div>
	
	<div id="bottombg">
		<p>
			<a style="color:#333" href="http://www.qut.edu.au/additional/privacy">Privacy</a> 
			|
			<a style="color:#333" href="http://www.qut.edu.au/additional/copyright">Copyright</a>
			|
			<a style="color:#333" href="http://www.qut.edu.au/additional/disclaimer">Disclaimer</a>
			|
			<a style="color:#333" href="http://www.qut.edu.au/additional/accessibility">Accessibility</a>
		</p>
	</div>
</body>
</html>